From 6caafbe5b6b777b309a6eb90a02cf54d5106fb9b Mon Sep 17 00:00:00 2001 From: Guo-wei Shieh Date: Mon, 5 Oct 2015 12:43:27 -0700 Subject: [PATCH] Convert uint16_t to int for WebRTC cipher/crypto suite. This is a follow up CL on https://codereview.webrtc.org/1337673002 BUG= R=pthatcher@webrtc.org Review URL: https://codereview.webrtc.org/1377733004 . Cr-Commit-Position: refs/heads/master@{#10175} --- talk/app/webrtc/statscollector.cc | 2 +- talk/app/webrtc/statscollector_unittest.cc | 2 +- talk/app/webrtc/webrtcsession.cc | 2 +- webrtc/base/opensslstreamadapter.cc | 25 +++++++++---------- webrtc/base/opensslstreamadapter.h | 8 +++--- webrtc/base/sslstreamadapter.cc | 16 ++++++------ webrtc/base/sslstreamadapter.h | 14 +++++------ webrtc/base/sslstreamadapter_unittest.cc | 18 ++++++------- webrtc/p2p/base/dtlstransportchannel.cc | 2 +- webrtc/p2p/base/dtlstransportchannel.h | 2 +- .../p2p/base/dtlstransportchannel_unittest.cc | 4 +-- webrtc/p2p/base/faketransportcontroller.h | 2 +- webrtc/p2p/base/p2ptransportchannel.h | 2 +- webrtc/p2p/base/transport.h | 2 +- webrtc/p2p/base/transportchannel.h | 4 +-- 15 files changed, 50 insertions(+), 55 deletions(-) diff --git a/talk/app/webrtc/statscollector.cc b/talk/app/webrtc/statscollector.cc index 6e2c950e22..70cc44db0e 100644 --- a/talk/app/webrtc/statscollector.cc +++ b/talk/app/webrtc/statscollector.cc @@ -734,7 +734,7 @@ void StatsCollector::ExtractSessionInfo() { channel_report->AddString(StatsReport::kStatsValueNameSrtpCipher, srtp_cipher); } - uint16_t ssl_cipher = channel_iter.ssl_cipher; + int ssl_cipher = channel_iter.ssl_cipher; if (ssl_cipher && rtc::SSLStreamAdapter::GetSslCipherSuiteName(ssl_cipher).length()) { channel_report->AddString( diff --git a/talk/app/webrtc/statscollector_unittest.cc b/talk/app/webrtc/statscollector_unittest.cc index 5e658680be..34a1c90cfb 100644 --- a/talk/app/webrtc/statscollector_unittest.cc +++ b/talk/app/webrtc/statscollector_unittest.cc 
@@ -61,7 +61,7 @@ using webrtc::StatsReports; namespace { // This value comes from openssl/tls1.h -const uint16_t TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014; +const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014; } // namespace namespace cricket { diff --git a/talk/app/webrtc/webrtcsession.cc b/talk/app/webrtc/webrtcsession.cc index 06b7f6bc21..15ddc28c7f 100644 --- a/talk/app/webrtc/webrtcsession.cc +++ b/talk/app/webrtc/webrtcsession.cc @@ -2149,7 +2149,7 @@ void WebRtcSession::ReportNegotiatedCiphers( } const std::string& srtp_cipher = stats.channel_stats[0].srtp_cipher; - uint16_t ssl_cipher = stats.channel_stats[0].ssl_cipher; + int ssl_cipher = stats.channel_stats[0].ssl_cipher; if (srtp_cipher.empty() && !ssl_cipher) { return; } diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc index 1330fc8509..c759ee5f15 100644 --- a/webrtc/base/opensslstreamadapter.cc +++ b/webrtc/base/opensslstreamadapter.cc 
@@ -148,26 +148,26 @@ static const SslCipherMapEntry kSslCipherMap[] = { // Default cipher used between OpenSSL/BoringSSL stream adapters. // This needs to be updated when the default of the SSL library changes. // static_cast causes build warnings on windows platform. -static uint16_t kDefaultSslCipher10 = +static int kDefaultSslCipher10 = static_cast(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); -static uint16_t kDefaultSslEcCipher10 = +static int kDefaultSslEcCipher10 = static_cast(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); #ifdef OPENSSL_IS_BORINGSSL -static uint16_t kDefaultSslCipher12 = +static int kDefaultSslCipher12 = static_cast(TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256); -static uint16_t kDefaultSslEcCipher12 = +static int kDefaultSslEcCipher12 = static_cast(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256); // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable. -static uint16_t kDefaultSslCipher12NoAesGcm = +static int kDefaultSslCipher12NoAesGcm = static_cast(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305); -static uint16_t kDefaultSslEcCipher12NoAesGcm = +static int kDefaultSslEcCipher12NoAesGcm = static_cast(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305); #else // !OPENSSL_IS_BORINGSSL // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't // change between TLS 1.0 and TLS 1.2 with the current setup. -static uint16_t kDefaultSslCipher12 = +static int kDefaultSslCipher12 = static_cast(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); -static uint16_t kDefaultSslEcCipher12 = +static int kDefaultSslEcCipher12 = static_cast(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); #endif @@ -348,7 +348,7 @@ bool OpenSSLStreamAdapter::SetPeerCertificateDigest(const std::string return true; } -std::string OpenSSLStreamAdapter::GetSslCipherSuiteName(uint16_t cipher) { +std::string OpenSSLStreamAdapter::GetSslCipherSuiteName(int cipher) { #ifdef OPENSSL_IS_BORINGSSL const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher); if (!ssl_cipher) { 
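Review bot: The default-cipher globals in this hunk (`kDefaultSslCipher10` through `kDefaultSslEcCipher12`) are declared `static int` without `const`, so values named as constants stay writable; `static const int kDefaultSslCipher10 = ...` would make them read-only. Widening the type also removes an implicit safeguard: the `TLS1_CK_*` macros in OpenSSL's tls1.h carry a protocol prefix above the low 16 bits, and a `uint16_t` destination narrowed the stored value regardless of the cast. The target type of the `static_cast` is not visible on this page, so confirm it still narrows to 16 bits; otherwise these defaults would stop matching the IANA ids the tests compare them against. The same check applies wherever `GetSslCipherSuite` writes `*cipher`, which is outside the hunks shown.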
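Review bot: `GetSslCipherSuiteName(int cipher)` now passes an `int` straight to `SSL_get_cipher_by_value`, which in BoringSSL takes a `uint16_t`, so a negative or over-wide value is silently truncated and can resolve to an unrelated suite name. The result is written into stats reports (see the statscollector.cc hunk), so a mislabelled cipher would misstate what was negotiated. A guard before the lookup, `if (cipher < 0 || cipher > 0xFFFF)`, taking the same path as the existing `!ssl_cipher` branch, restores the old range guarantee. The function body continues outside the hunk, so the non-BoringSSL branch should be checked for the same assumption.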
@@ -369,7 +369,7 @@ std::string OpenSSLStreamAdapter::GetSslCipherSuiteName(uint16_t cipher) { #endif } -bool OpenSSLStreamAdapter::GetSslCipherSuite(uint16_t* cipher) { +bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher) { if (state_ != SSL_CONNECTED) return false; @@ -1130,9 +1130,8 @@ bool OpenSSLStreamAdapter::HaveExporter() { #endif } -uint16_t OpenSSLStreamAdapter::GetDefaultSslCipherForTest( - SSLProtocolVersion version, - KeyType key_type) { +int OpenSSLStreamAdapter::GetDefaultSslCipherForTest(SSLProtocolVersion version, + KeyType key_type) { if (key_type == KT_RSA) { switch (version) { case SSL_PROTOCOL_TLS_10: diff --git a/webrtc/base/opensslstreamadapter.h b/webrtc/base/opensslstreamadapter.h index dfcb43902e..56bba41c90 100644 --- a/webrtc/base/opensslstreamadapter.h +++ b/webrtc/base/opensslstreamadapter.h @@ -88,9 +88,9 @@ class OpenSSLStreamAdapter : public SSLStreamAdapter { StreamState GetState() const override; // TODO(guoweis): Move this away from a static class method. - static std::string GetSslCipherSuiteName(uint16_t cipher); + static std::string GetSslCipherSuiteName(int cipher); - bool GetSslCipherSuite(uint16_t* cipher) override; + bool GetSslCipherSuite(int* cipher) override; // Key Extractor interface bool ExportKeyingMaterial(const std::string& label, @@ -110,8 +110,8 @@ class OpenSSLStreamAdapter : public SSLStreamAdapter { static bool HaveExporter(); // TODO(guoweis): Move this away from a static class method. - static uint16_t GetDefaultSslCipherForTest(SSLProtocolVersion version, - KeyType key_type); + static int GetDefaultSslCipherForTest(SSLProtocolVersion version, + KeyType key_type); protected: void OnEvent(StreamInterface* stream, int events, int err) override; diff --git a/webrtc/base/sslstreamadapter.cc b/webrtc/base/sslstreamadapter.cc index 8930f2185d..0ce49d1359 100644 --- a/webrtc/base/sslstreamadapter.cc +++ b/webrtc/base/sslstreamadapter.cc 
@@ -34,7 +34,7 @@ namespace rtc { const char CS_AES_CM_128_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; const char CS_AES_CM_128_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32"; -uint16_t GetSrtpCryptoSuiteFromName(const std::string& cipher) { +int GetSrtpCryptoSuiteFromName(const std::string& cipher) { if (cipher == CS_AES_CM_128_HMAC_SHA1_32) return SRTP_AES128_CM_SHA1_32; if (cipher == CS_AES_CM_128_HMAC_SHA1_80) @@ -52,7 +52,7 @@ SSLStreamAdapter* SSLStreamAdapter::Create(StreamInterface* stream) { #endif } -bool SSLStreamAdapter::GetSslCipherSuite(uint16_t* cipher) { +bool SSLStreamAdapter::GetSslCipherSuite(int* cipher) { return false; } @@ -79,9 +79,8 @@ bool SSLStreamAdapter::GetDtlsSrtpCipher(std::string* cipher) { bool SSLStreamAdapter::HaveDtls() { return false; } bool SSLStreamAdapter::HaveDtlsSrtp() { return false; } bool SSLStreamAdapter::HaveExporter() { return false; } -uint16_t SSLStreamAdapter::GetDefaultSslCipherForTest( - SSLProtocolVersion version, - KeyType key_type) { +int SSLStreamAdapter::GetDefaultSslCipherForTest(SSLProtocolVersion version, + KeyType key_type) { return 0; } #elif SSL_USE_OPENSSL @@ -94,13 +93,12 @@ bool SSLStreamAdapter::HaveDtlsSrtp() { bool SSLStreamAdapter::HaveExporter() { return OpenSSLStreamAdapter::HaveExporter(); } -uint16_t SSLStreamAdapter::GetDefaultSslCipherForTest( - SSLProtocolVersion version, - KeyType key_type) { +int SSLStreamAdapter::GetDefaultSslCipherForTest(SSLProtocolVersion version, + KeyType key_type) { return OpenSSLStreamAdapter::GetDefaultSslCipherForTest(version, key_type); } -std::string SSLStreamAdapter::GetSslCipherSuiteName(uint16_t cipher) { +std::string SSLStreamAdapter::GetSslCipherSuiteName(int cipher) { return OpenSSLStreamAdapter::GetSslCipherSuiteName(cipher); } #endif // !SSL_USE_SCHANNEL && !SSL_USE_OPENSSL diff --git a/webrtc/base/sslstreamadapter.h b/webrtc/base/sslstreamadapter.h index 867f309a03..fa4965149b 100644 --- a/webrtc/base/sslstreamadapter.h 
+++ b/webrtc/base/sslstreamadapter.h @@ -20,8 +20,8 @@ namespace rtc { // Constants for SRTP profiles. -const uint16_t SRTP_AES128_CM_SHA1_80 = 0x0001; -const uint16_t SRTP_AES128_CM_SHA1_32 = 0x0002; +const int SRTP_AES128_CM_SHA1_80 = 0x0001; +const int SRTP_AES128_CM_SHA1_32 = 0x0002; // Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except // in applications (voice) where the additional bandwidth may be significant. @@ -34,7 +34,7 @@ extern const char CS_AES_CM_128_HMAC_SHA1_32[]; // Returns the DTLS-SRTP protection profile ID, as defined in // https://tools.ietf.org/html/rfc5764#section-4.1.2, for the given SRTP // Crypto-suite, as defined in https://tools.ietf.org/html/rfc4568#section-6.2 -uint16_t GetSrtpCryptoSuiteFromName(const std::string& cipher_rfc_name); +int GetSrtpCryptoSuiteFromName(const std::string& cipher_rfc_name); // SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS. // After SSL has been started, the stream will only open on successful @@ -152,7 +152,7 @@ class SSLStreamAdapter : public StreamAdapterInterface { // Retrieves the IANA registration id of the cipher suite used for the // connection (e.g. 0x2F for "TLS_RSA_WITH_AES_128_CBC_SHA"). - virtual bool GetSslCipherSuite(uint16_t* cipher); + virtual bool GetSslCipherSuite(int* cipher); // Key Exporter interface from RFC 5705 // Arguments are: 
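Review bot: The comment above `virtual bool GetSslCipherSuite(int* cipher)` should state the value range and the failure contract, because the `int` type no longer implies them. Suggested addition: `// On success *cipher holds a 16-bit IANA id (0..0xFFFF); on failure returns false and *cipher must not be read.` The base implementation in sslstreamadapter.cc returns false without writing, and the call sites in sslstreamadapter_unittest.cc and dtlstransportchannel_unittest.cc declare the `int` uninitialized, so callers have to check the return value before reading it. Whether the OpenSSL override leaves the out-parameter untouched on every failure path is not visible here and should be confirmed.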
@@ -185,13 +185,13 @@ class SSLStreamAdapter : public StreamAdapterInterface { // Returns the default Ssl cipher used between streams of this class // for the given protocol version. This is used by the unit tests. // TODO(guoweis): Move this away from a static class method. - static uint16_t GetDefaultSslCipherForTest(SSLProtocolVersion version, - KeyType key_type); + static int GetDefaultSslCipherForTest(SSLProtocolVersion version, + KeyType key_type); // TODO(guoweis): Move this away from a static class method. Currently this is // introduced such that any caller could depend on sslstreamadapter.h without // depending on specific SSL implementation. - static std::string GetSslCipherSuiteName(uint16_t cipher); + static std::string GetSslCipherSuiteName(int cipher); private: // If true, the server certificate need not match the configured diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc index c8fe9a01e7..386fe4f986 100644 --- a/webrtc/base/sslstreamadapter_unittest.cc +++ b/webrtc/base/sslstreamadapter_unittest.cc @@ -410,7 +410,7 @@ class SSLStreamAdapterTestBase : public testing::Test, return server_ssl_->GetPeerCertificate(cert); } - bool GetSslCipherSuite(bool client, uint16_t* retval) { + bool GetSslCipherSuite(bool client, int* retval) { if (client) return client_ssl_->GetSslCipherSuite(retval); else @@ -972,9 +972,9 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuite) { SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); TestHandshake(); - uint16_t client_cipher; + int client_cipher; ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); - uint16_t server_cipher; + int server_cipher; ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); ASSERT_EQ(client_cipher, server_cipher); 
@@ -990,9 +990,9 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); TestHandshake(); - uint16_t client_cipher; + int client_cipher; ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); - uint16_t server_cipher; + int server_cipher; ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); ASSERT_EQ(client_cipher, server_cipher); @@ -1007,9 +1007,9 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); TestHandshake(); - uint16_t client_cipher; + int client_cipher; ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); - uint16_t server_cipher; + int server_cipher; ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); ASSERT_EQ(client_cipher, server_cipher); @@ -1024,9 +1024,9 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) { SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); TestHandshake(); - uint16_t client_cipher; + int client_cipher; ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); - uint16_t server_cipher; + int server_cipher; ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); ASSERT_EQ(client_cipher, server_cipher); diff --git a/webrtc/p2p/base/dtlstransportchannel.cc b/webrtc/p2p/base/dtlstransportchannel.cc index ff42a4df13..26bb1814d5 100644 --- a/webrtc/p2p/base/dtlstransportchannel.cc +++ b/webrtc/p2p/base/dtlstransportchannel.cc @@ -186,7 +186,7 @@ bool DtlsTransportChannelWrapper::GetSslRole(rtc::SSLRole* role) const { return true; } -bool DtlsTransportChannelWrapper::GetSslCipherSuite(uint16_t* cipher) { +bool DtlsTransportChannelWrapper::GetSslCipherSuite(int* cipher) { if (dtls_state_ != STATE_OPEN) { return false; } diff --git a/webrtc/p2p/base/dtlstransportchannel.h b/webrtc/p2p/base/dtlstransportchannel.h index f1a5231f9c..d27d30e01e 100644 --- a/webrtc/p2p/base/dtlstransportchannel.h 
+++ b/webrtc/p2p/base/dtlstransportchannel.h @@ -141,7 +141,7 @@ class DtlsTransportChannelWrapper : public TransportChannelImpl { bool SetSslRole(rtc::SSLRole role) override; // Find out which DTLS cipher was negotiated - bool GetSslCipherSuite(uint16_t* cipher) override; + bool GetSslCipherSuite(int* cipher) override; // Once DTLS has been established, this method retrieves the certificate in // use by the remote peer, for use in external identity verification. diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc index 814957785a..cad5b563a5 100644 --- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc +++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc @@ -228,10 +228,10 @@ class DtlsTestClient : public sigslot::has_slots<> { } } - void CheckSsl(uint16_t expected_cipher) { + void CheckSsl(int expected_cipher) { for (std::vector::iterator it = channels_.begin(); it != channels_.end(); ++it) { - uint16_t cipher; + int cipher; bool rv = (*it)->GetSslCipherSuite(&cipher); if (negotiated_dtls_ && expected_cipher) { diff --git a/webrtc/p2p/base/faketransportcontroller.h b/webrtc/p2p/base/faketransportcontroller.h index 961728d96d..6d337a45a9 100644 --- a/webrtc/p2p/base/faketransportcontroller.h +++ b/webrtc/p2p/base/faketransportcontroller.h @@ -251,7 +251,7 @@ class FakeTransportChannel : public TransportChannelImpl, return false; } - bool GetSslCipherSuite(uint16_t* cipher) override { return false; } + bool GetSslCipherSuite(int* cipher) override { return false; } rtc::scoped_refptr GetLocalCertificate() const { return local_cert_; diff --git a/webrtc/p2p/base/p2ptransportchannel.h b/webrtc/p2p/base/p2ptransportchannel.h index 8859111bd1..0e5e01982c 100644 --- a/webrtc/p2p/base/p2ptransportchannel.h +++ b/webrtc/p2p/base/p2ptransportchannel.h 
@@ -114,7 +114,7 @@ class P2PTransportChannel : public TransportChannelImpl, bool GetSrtpCryptoSuite(std::string* cipher) override { return false; } // Find out which DTLS cipher was negotiated. - bool GetSslCipherSuite(uint16_t* cipher) override { return false; } + bool GetSslCipherSuite(int* cipher) override { return false; } // Returns null because the channel is not encrypted by default. rtc::scoped_refptr GetLocalCertificate() const override { diff --git a/webrtc/p2p/base/transport.h b/webrtc/p2p/base/transport.h index df0a34ce01..6324cd6864 100644 --- a/webrtc/p2p/base/transport.h +++ b/webrtc/p2p/base/transport.h @@ -111,7 +111,7 @@ struct TransportChannelStats { int component = 0; ConnectionInfos connection_infos; std::string srtp_cipher; - uint16_t ssl_cipher = 0; + int ssl_cipher = 0; }; // Information about all the channels of a transport. diff --git a/webrtc/p2p/base/transportchannel.h b/webrtc/p2p/base/transportchannel.h index afdba42969..ca7d7cf833 100644 --- a/webrtc/p2p/base/transportchannel.h +++ b/webrtc/p2p/base/transportchannel.h @@ -113,9 +113,7 @@ class TransportChannel : public sigslot::has_slots<> { // Finds out which DTLS cipher was negotiated. // TODO(guoweis): Remove this once all dependencies implement this. - virtual bool GetSslCipherSuite(uint16_t* cipher) { - return false; - } + virtual bool GetSslCipherSuite(int* cipher) { return false; } // Gets the local RTCCertificate used for DTLS. virtual rtc::scoped_refptr